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REMARKS/ARGUMENTS 

The final Office Action of January 11, 2007, has been reviewed and these remarks are 
responsive thereto. Claim 44 has been amended. Reconsideration and allowance of the 
application are respectfully requested. 

Allowable Subject Matter 

Applicants thank the Examiner for indicating allowable subject matter with respect to 
claims 55, 56, 62 and 63. 

Claim Rejections Under 35 U.S.C. §112 

Claim 44 stands rejected under 35 U.S.C. §1 12 for reciting the feature of "the SSL client 
handshake" in line 7 without sufficient antecedent basis. Applicants have amended claim 44 and 
thus respectfiilly traverse this rejection. 

Claim Rejections Under 35 U.S.C. §103 

Claims 28-31, 34-36, 39, 40 and 42-54, 57, 59-61 and 64 stand rejected under 35 U.S.C. 
§ 103(a) as being unpatentable over Aziz et al. (U.S. Patent No. 6,643,701, "Aziz") in view of 
Brack et al. (U.S. Patent No. 6,691,165, hereinafter "Bruck"). This rejection is respectfully 
traversed for at least the following reasons. 

Independent claims 28, 46 and 49 relate to, inter alia, an SSL relay establishing a 
coimection between a first node and a second node, wherein the coimection includes an SSL 
connection between the SSL relay and the first node, and clustering state information of the 
communication path, the clustering comprising sharing the state information between the first 
SSL relay and at least a second SSL relay of the cluster. Contrary to the Office Action's 
contentions, there is no motivation to combine Aziz and Bruck in the manner asserted. Aziz 
generally relates to a method and system for providing secure communications with a relay in a 
network. Aziz, Title. In particular, Aziz describes providing a coimection between a first 
computer and a second computer by receiving, at a third computer, information regarding one of 
the first and second computers to facilitate establishment of a secure coimection between the first 
and second computers. Aziz, Abstract. Aziz fiirther discloses that an end-to-end security link 
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may be established using SSL. The Office Action concedes that Aziz does not explicitly teach of 
connecting at least two relays in a cluster and clustering state information of the communication 
path when the record has been acknowledged by the second node. In fact, Aziz does not teach or 
suggest any form of clustering. To cure these deficiencies, the Office Action relies on Bruck, 
alleging that one would be motivated to combine Aziz and Bruck because Aziz teaches that more 
than one relay can be employed to expand the number of connections. AppUcants respectfully 
disagree. The mere fact that Aziz describes more than one relay does not teach or suggest a need 
for clustering. Significantly, the more than one relay described by Aziz are provided to expand 
the number of coimections. Col. 6, 11. 1-2. Nowhere does Aziz teach or suggest a need to cluster 
the more than one relay or for a first relay to take over the coimection of a second relay. In 
addition, even if, without admitting, Aziz taught or suggested a need for clustering, Bruck relates 
to clustering TCP protocol connections, not SSL connections. Accordingly, one of ordinary skill 
in the art would not have been motivated to combine Aziz and Bruck in the manner suggested for 
at least these reasons. Claims 28, 46, 49 and all claims dependent thereon are allowable for at 
least these reasons. 

Furthermore, even if Aziz and Bruck are properly combinable, neither Aziz nor Bruck 
teach or suggests the features of an SSL relay establishing a connection between a first node and 
a second node and clustering state information of the communication path when the record has 
been acknowledged by the second node, as recited in claims 28, 46 and 49. The Office Action 
concedes Aziz fails to teach or suggest such a feature at p. 4. To cure this deficiency, the Office 
Action relies on col. 25, line 58 - col. 26, line 6 of Bruck. The cited passage of Bruck discloses 
that "TCP/IP coimections between two machines are established following an exchange of 
messages including a synchronize segment message (SYN), acknowledgement message (ACK), 
and SYN-acknowledgement message (SYN-ACK)." However, Bruck is merely describing the 
exchange of synchronization acknowledgments between servers in a relay cluster (i.e.. Server 1 
and Server 2), not acknowledgment of a record from a second node that is connected to a first 
node through an SSL relay, as recited in claims 28, 46 and 49. Claims 28, 46 and 49 are thus 
allowable for this additional reason. 

Amended independent claim 44 recites, inter alia, 
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"an SSL relay cluster for connecting the first node and the second node 
comprising: a first SSL relay configured to cluster an SSL client handshake 
following reception of the SSL client handshake from the first node; and a second 
SSL relay configured to transmit an acknowledgment to the first SSL relay after 
receiving update information fi-om the first SSL relay, wherein the first SSL relay 
is further configured to transmit a handshake acknowledgment message to the 
first node following reception of the acknowledgment fi-om the second SSL 
relay." 

As discussed with respect to claims 28, 46 and 49, there is no motivation to combine Aziz 
and Brack. In addition, nowhere does Aziz or Brack, either separately or in combination, teach 
or suggest a second SSL relay configured to transmit an acknowledgment to the first SSL relay 
after receiving update information from the first SSL relay, wherein the first SSL relay is further 
configured to transmit a handshake acknowledgment message to the first node following 
reception of the acknowledgment fi"om the second SSL relay. To cure this admitted deficiency 
of Aziz, the Office Action cites col. 27, 11. 12-15 of Brack. The cited passage discloses a server 
(i.e., distributed gateway) buffering a data packet until SYN updates are received fi-om other 
gateways. Even so, nowhere does Brack teach or suggest transmitting a handshake 
acknowledgment message to a first node following reception of the acknowledgment from the 
second SSL relay. Even assuming, without conceding, that Brack's SYN updates constitute 
acknowledgments from a second relay, there is still no teaching or suggestion, in Brack, of 
transmitting a handshake acknowledgment message to a first node following reception of the 
acknowledgment fi"om the second relay, as recited in claim 44. Accordingly, claim 44 is 
allowable for at least these reasons. 

Claims 29-31, 34-36, 39, 40 and 42, 43, 45, 47, 48, 50-57 and 60-64 are dependent on 
independent claims 28, 44, 46 and 49, respectively, and are thus allowable for at least the same 
reasons as their base independent claims and further in view of the novel and non-obvious 
features recited therein. For example, claim 34 recites, inter alia, "sharing an SSL session cache 
across all of the at least two SSL relays." The Office Action concedes that Aziz does not teach 
or suggest such features. Instead, the Office Action relies on col. 16, line 66 to col. 17, line 6 of 
Brack to cure these deficiencies. However, the cited passage merely describes an ARP cache, 
not an SSL session cache. Further, the ARP cache is not a shared cache; rather, each client and 
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router on the subnet has their own respective ARP cache. Col. 17, 11. 6-10. As such, claim 34 is 
allowable for this additional reason. 

Claims 37, 38, 41, 58 and 61 stand rejected under 35 U.S.C. §103(a) as being 
unpatentable over Aziz in view of Bruck and further in view of Weinstein et al. (U.S. Patent No. 
6,094,485, hereinafter "Weinstein"). This rejection is respectfiiUy traversed for the following 
reasons. 

Claims 37, 38 and 41 are dependent on claim 28 and thus are allowable over Aziz and 
Bruck for at least the same reasons as discussed above. Claims 37, 38 and 41 are fiirther 
allowable over the asserted combination of Aziz, Bruck and Weinstein since Weinstein fails to 
cure the deficiencies of Aziz and Bruck identified above. Still further, there would be no 
motivation to combine Weinstein with Bruck since Weinstein does not teach or suggest a need or 
desire to cluster state information of SSL communications between a first node and a second 
node through a relay. As such, one of ordinary skill in the art would not have been motivated to 
combine the features of SSL protocol disclosed in Weinstein with the TCP clustering system 
described in Bruck since doing so would be superfluous. Claims 37, 38 and 41 are thus 
allowable for at least this reason. 
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CONCLUSION 

All rejections having been addressed, Applicants respectfully submit that the instant 
application is in condition for allowance, and respectfully solicit prompt notification of the same. 
However, if for any reason the Examiner believes the apphcation is not in condition for allowance 
or there are any questions, the examiner is requested to contact the undersigned at (202) 824- 
3156. 

Respectfully submitted, 
BANNER & WITCOFF, LTD. 

Dated: April 9. 2007 By: /Chunhsi Andy Mu/ 

Chunhsi Andy Mu, Registration No. 58,216 

1100 13th Street, N.W. 
Washington, D.C. 20005 
Tel: (202) 824-3000 
Fax: (202) 824-3001 
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